Bug 115223 - SSL parameters not taken in account
SSL parameters not taken in account
Status: CLOSED RAWHIDE
Product: Red Hat Enterprise Linux 3
Classification: Red Hat
Component: redhat-config-httpd (Show other bugs)
3.0
i686 Linux
medium Severity medium
: ---
: ---
Assigned To: Phil Knirsch
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2004-02-09 05:55 EST by jean-claude jouffre
Modified: 2015-03-04 20:13 EST (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2004-07-30 10:55:40 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description jean-claude jouffre 2004-02-09 05:55:30 EST
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (Windows; U; WinNT4.0; fr; rv:1.5)
Gecko/20031007 Firebird/0.7

Description of problem:
when creating a secure virtual host, no SSL parameter is written in
httpd.conf

Version-Release number of selected component (if applicable):
1.1.0-4

How reproducible:
Always

Steps to Reproduce:
1. create a virtual host
2. in SSL page, select SSL support
3. modify or not some options
4. validate all screens
5. the httpd.conf does not contain SSL parameters we have choosen
previously, but only "strange directives" :
   <IfDefine HAVE_SSL>
   </IfDefine>
    

Actual Results:  in httpd.conf, parameters :
<VirtualHost 1.2.3.4>
   <IfDefine HAVE_SSL>
   </IfDefine>


Expected Results:  <VirtualHost 1.2.3.4>
   SSLEngine on
   SSLCertificateFile /myfile1
   SSLCertificateKeyFile /myfile2
   SSLCertificateChainFile /myfile2
   SSLOptions FakeBasicAuth ExportCertData ...



Additional info:

here are some workarounds I made to let it work, but I don't know if
these are the proper fixes :
1) in /usr/share/redhat-config-httpd/ApacheControl.py file
   in _dehydrate_vhost_page_3 method, adding a string conversion :
      vhost.SSLCertificateFile = str(widget.get_text ())
      vhost.SSLCertificateKeyFile = str(widget.get_text ())
      vhost.SSLCertificateChainFile = str(widget.get_text ())
      vhost.SSLCACertificateFile = str(widget.get_text ())
   no need for SLLLog and SSLLogLevel (see 115221 bug)
2) in /usr/share/redhat-config-httpd/httpd.conf.xsl file
   in Virtual hosts part
      removing lines (I didn't understand their purpose) :
            <xsl:for-each select="SSLEngine">
            &lt;IfDefine HAVE_SSL>
         later on :
            </xsl:for-each>
         then :
            &lt;/IfDefine>
      adding the line :
         <xsl:for-each select="SSLOptions">SSLOptions <xsl:value-of
select="@VALUE" /></xsl:for-each>
      after the line :
<xsl:for-each select="SSLCACertificatePath">SSLCACertificatePath
<xsl:value-of select="@VALUE" /></xsl:for-each>
Comment 1 Phil Knirsch 2004-07-30 10:55:40 EDT
OK, that makes sense.

Including fixes, latest rawhide version s-c-h-1.2.1-1 will contain the
changes.

Read ya, Phil

Note You need to log in before you can comment on or make changes to this bug.